Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: AVVNbI3u7XPccOKKxjoSfMAyjoD7P8HT9qUiN3QHJqY=
Subject key identifier: 40:44:6D:F0:1E:27:6B:DD:71:3A:50:F5:0F:6F:7C:7A:21:CE:79:BF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72ED788475ADACFA8A7EECCF0F8FF5DF1C62CA0F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Tue 26 Mar 2024 00:00:00 +0000
ROA not before: Tue 26 Mar 2024 00:00:00 +0000
ROA not after: Tue 30 Apr 2024 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Apr 2024 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:ed:78:84:75:ad:ac:fa:8a:7e:ec:cf:0f:8f:f5:df:1c:62:ca:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 26 00:00:00 2024 GMT
Not After : Apr 30 23:59:59 2024 GMT
Subject: serialNumber=5efe7cb63aa125e885b9d945c980365bec0b808365e5a901967fffc20453dbb4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d1:5f:0d:7c:80:03:3c:c3:a5:16:e7:59:67:
77:d0:bb:ac:03:56:7d:28:07:76:a1:fe:4c:51:1b:
ec:8c:d4:55:47:8b:a3:57:2d:ee:5f:2d:0b:ed:af:
91:bf:93:5b:48:00:cf:9d:f8:c0:f0:29:a9:b2:ae:
7b:e0:a9:71:39:51:7c:bf:11:06:95:29:95:f5:98:
a3:41:f8:01:8e:ca:99:c5:5b:b4:43:68:53:42:ea:
f1:7d:f2:4d:d5:d1:3e:c7:55:52:ab:e7:b8:5b:40:
66:74:f6:cb:6d:f4:70:9c:ca:c3:ff:4f:14:d7:35:
b4:a6:fb:14:b8:65:66:4d:00:c7:f1:00:b4:4b:c6:
5e:d8:46:ff:f2:bf:77:57:4f:2c:5d:d5:1e:44:46:
15:88:29:36:5d:21:de:13:ad:b0:44:41:c6:1b:90:
9e:ce:a6:ba:50:d7:65:ea:64:5e:78:d5:82:c0:b8:
4e:9c:56:e8:29:10:0f:e0:39:ec:c2:39:94:b4:10:
cf:9e:c7:1e:a1:19:af:a4:e3:b2:ea:2b:e3:d7:5f:
29:50:1f:69:b7:a6:16:d0:12:5b:a0:f2:f5:82:5c:
c8:28:da:a0:e6:ab:34:84:00:26:9d:a7:13:20:14:
43:71:d1:e8:dc:b4:14:13:ca:a2:6a:ae:39:03:17:
70:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:44:6D:F0:1E:27:6B:DD:71:3A:50:F5:0F:6F:7C:7A:21:CE:79:BF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:34:18:04:2a:b0:ec:70:1e:b6:83:0a:03:5c:f0:3c:a3:7e:
80:bf:54:89:46:bb:88:62:e1:c1:3b:f6:85:3b:74:56:15:70:
2b:38:20:27:74:03:3c:83:79:cc:9d:4d:04:9d:ef:75:c3:1c:
d8:15:ff:08:aa:bf:dc:3a:0f:61:05:56:81:ad:56:fe:69:4d:
5d:5f:af:81:e3:84:c6:63:b2:d3:7f:96:a1:28:16:25:62:24:
f8:0f:b3:d5:58:ec:d6:0c:d6:bc:82:91:5a:b0:01:4f:51:91:
e5:c2:f0:c1:66:39:88:fc:96:d6:ee:bf:68:99:e4:4a:0a:bf:
b7:c2:6d:bf:48:e8:f4:9b:7c:17:af:af:23:00:66:d6:fd:45:
3f:90:91:4c:b2:1f:39:d6:97:71:d1:6c:a8:c6:05:2d:ee:7e:
e1:f0:db:d6:39:bd:81:d0:18:9d:d3:aa:ae:c2:c1:72:05:19:
23:6b:83:36:0d:b1:1a:54:7b:1f:e7:5e:0c:7d:75:26:9b:76:
b3:8b:b2:ee:01:25:53:0c:4d:0f:fb:52:41:17:c0:b8:10:f4:
b8:e7:3f:bd:f7:94:c8:79:64:a8:42:70:f8:6b:63:23:52:89:
28:c1:f7:5c:9f:ce:ec:f9:0e:6c:d5:ed:44:51:87:ac:b7:02:
b8:e8:89:73
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcu14hHWtrPqKfuzPD4/13xxiyg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDAzMjYwMDAwMDBaFw0yNDA0MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlZmU3Y2I2M2FhMTI1ZTg4NWI5ZDk0NWM5ODAzNjViZWMwYjgwODM2NWU1
YTkwMTk2N2ZmZmMyMDQ1M2RiYjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvRXw18gAM8w6UW51lnd9C7rANWfSgHdqH+TFEb7IzUVUeLo1ct7l8tC+2v
kb+TW0gAz534wPApqbKue+CpcTlRfL8RBpUplfWYo0H4AY7KmcVbtENoU0Lq8X3y
TdXRPsdVUqvnuFtAZnT2y230cJzKw/9PFNc1tKb7FLhlZk0Ax/EAtEvGXthG//K/
d1dPLF3VHkRGFYgpNl0h3hOtsERBxhuQns6mulDXZepkXnjVgsC4TpxW6CkQD+A5
7MI5lLQQz57HHqEZr6Tjsuor49dfKVAfabemFtASW6Dy9YJcyCjaoOarNIQAJp2n
EyAUQ3HR6Ny0FBPKomquOQMXcNsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRARG3w
Hidr3XE6UPUPb3x6Ic55vzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQDJNBgEKrDscB62gwoDXPA8o36Av1SJRruIYuHBO/aF
O3RWFXArOCAndAM8g3nMnU0Ene91wxzYFf8Iqr/cOg9hBVaBrVb+aU1dX6+B44TG
Y7LTf5ahKBYlYiT4D7PVWOzWDNa8gpFasAFPUZHlwvDBZjmI/JbW7r9omeRKCr+3
wm2/SOj0m3wXr68jAGbW/UU/kJFMsh851pdx0WyoxgUt7n7h8NvWOb2B0Bid06qu
wsFyBRkja4M2DbEaVHsf514MfXUmm3azi7LuASVTDE0P+1JBF8C4EPS45z+995TI
eWSoQnD4a2MjUokowfdcn87s+Q5s1e1EUYestwK46Ilz
-----END CERTIFICATE-----
Generated at Thu Apr 18 00:59:31 2024 by rpki-client on console-ams.rpki-client.org